<?php

/******************************************
* File:				lib_ldap.php
* Version:			1.0.1
* Last modified:	25/10/2009
* Last modifier:	Hugo Lavigne
*****************************************/

Function user_login_ldap($user, $pass, $chkadm=FLASE)
{

	/*
	*	ERROR
	* -1 Bab user
	* -2 No DC
	* -3 Error SQL
	*/

	if ((trim($user) == "") || (trim($pass) == ""))
    return (-1);

	$table_auth = $_SESSION['prefix']."users_auth";
	$table_users_infos = $_SESSION['prefix']."users_infos";
	$table_templates = $_SESSION['prefix']."templates";
	$table_admin = $_SESSION['prefix']."admin";
	$admin = 0;
	
	$connection = dbconnect();
  
	if ($chkadm == TRUE)
	{
		$req = dbquery("SELECT aid FROM $table_admin WHERE admin='$user' AND password=md5('$pass')", $connection);
		if (@mysql_num_rows($req) > 0)
			$admin = 1;
	}

	if ($admin == 1)
		$_SESSION['admin'] = "ok";
	elseif ($admin == 0)
	{
		$get_result = connect_ldap($user, $pass);
		if ($get_result < 0)
			return (-2);
		elseif ($get_result == 0)
			return (-1);
	}
		
	
	$req = dbquery("SELECT uid,login,mail,tid FROM $table_auth WHERE login='$user'", $connection);
	if (@mysql_num_rows($req) == 0)
	{
		@mysql_close($connection);
		user_signup_ldap($user);
		$connection = dbconnect();
		$req = dbquery("SELECT uid,login,mail,tid FROM $table_auth WHERE login='$user'", $connection);
		if (@mysql_num_rows($req) == 0)
		{
			@mysql_close($connection);
			return (-5);
		}
	}
  
	$uid = @mysql_result($req, 0, "uid");
  
	if ($_SESSION['status'] == "offline")
	{
		if ($admin == 1)
			$_SESSION['admin'] = "ok";
		else
		{
			if (!is_administrator($uid))
				return (-3);
		}
	}
  
  
	$req_infos = dbquery("SELECT valid FROM $table_users_infos WHERE uid='$uid'", $connection);
	$valid = @mysql_result($req_infos, 0, "valid");
	if ($valid == "ko")
		return (-4);
  
	$_SESSION['uid'] = $uid;
	$_SESSION['login'] = @mysql_result($req, 0, "login");
	$_SESSION['mail'] = @mysql_result($req, 0, "mail");
	$_SESSION['tid'] = @mysql_result($req, 0, "tid");
  
	$tid = $_SESSION['tid'];
	$req = dbquery("SELECT name,path FROM $table_templates WHERE tid='$tid'", $connection);
	@mysql_close($connection);
	if (mysql_num_rows($req) > 0)
	{
		$template = @mysql_result($req, 0, "path");
  
		$_SESSION['template_name'] = @mysql_result($req, 0, "name");
		$_SESSION['template'] = $template;
		$_SESSION['css'] = $template;
	}
	
	$_SESSION['valid'] = "ok";
	return (0);
	
}

################################################################################################################
Function connect_ldap($user, $pass)
{
	if (@(!$connection_ldap = ldap_connect($_SESSION[server_ldap])))
		return (-1);
    
	//Connection only for a Microsft domain
	ldap_set_option($connection_ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
	ldap_set_option($connection_ldap, LDAP_OPT_REFERRALS, 0);
	
	$domain = str_to_word_tab($_SESSION['domain_ldap'], ".");
	$user_ldap = $domain[0]."\\".$user;
	$pass_ldap = $pass;
	
	@$authentification_ldap = ldap_bind($connection_ldap, $user_ldap, $pass_ldap);
	return ($authentification_ldap);
}

################################################################################################################
Function user_signup_ldap($user)
{
  $table_auth = $_SESSION['prefix']."users_auth";
  $table_infos = $_SESSION['prefix']."users_infos";
  $table_users_groups = $_SESSION['prefix']."users_groups";
  $connection = dbconnect();
  
  $nuid = create_mysql_id($table_auth, "uid", $connection);
  $date = date('Y-m-d H:i:s');
  $ip = $_SERVER['REMOTE_ADDR'];
    
  $mail = $user.'@'.$_SESSION['domain_ldap'];
  $req = dbquery("INSERT INTO $table_auth VALUES($nuid, '$user', md5('no_pass'), '$mail', '1')", $connection);
  echo mysql_error();
  $req = dbquery("INSERT INTO $table_infos VALUES($nuid, '$ip', '$date', 'ok')", $connection);
	
  $nid = create_mysql_id($table_users_groups, "id", $connection);
  $req = dbquery("INSERT INTO $table_users_groups VALUES($nid, '$nuid', '2', 'ok')", $connection);
  
  @mysql_close($connection);
  
  @mkdir ("data/users/$user", 0700);
  return ($nuid);
}

?>